package com.sddz.pacs.component.shiro;


import com.sddz.pacs.entity.SysUser;
import com.sddz.pacs.service.SysUserService;
import com.sddz.pacs.util.ShiroUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

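/**
 * Shiro realm that authenticates and authorizes users of the application.
 *
 * <p>Authentication looks the account up by login name through {@link SysUserService} and hands
 * the stored password hash and salt to Shiro, which compares them with the submitted credentials
 * using the {@link HashedCredentialsMatcher} installed by
 * {@link #setCredentialsMatcher(CredentialsMatcher)}. Authorization reads the permission strings
 * carried by the authenticated {@link SysUser} principal.
 *
 * <p>NOTE(review): the whole {@link SysUser} entity is used as the principal, and that entity
 * exposes the password hash and salt. The principal is kept wherever Shiro stores the subject
 * (session store, and the remember-me cookie if that feature is enabled), so confirm that this
 * exposure is acceptable or that those fields are cleared or excluded from serialization.
 *
 * <p>Created 2017/4/27.
 *
 * @author hxy
 */
@Component
public class MyRealm extends AuthorizingRealm {

    private static final Logger logger = LoggerFactory.getLogger(MyRealm.class);

    /** Value of {@code SysUser.getStatus()} for which login is refused as locked. */
    private static final String STATUS_LOCKED = "1";

    @Autowired
    private SysUserService userService;

    /**
     * Builds the authorization data for an already authenticated subject.
     *
     * <p>The permissions are taken from the {@link SysUser} object stored as the primary
     * principal; the user store is not queried again here. NOTE(review): this presumably means
     * permission changes only become effective after the user logs in again; confirm against
     * how {@code SysUser.getPermissions()} is populated.
     *
     * @param principals principals of the subject being authorized
     * @return the subject's string permissions; empty when no principal or no permissions exist
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        SysUser sysUser = (SysUser) principals.getPrimaryPrincipal();
        // Fail closed: a missing principal or permission collection grants nothing instead of
        // raising a NullPointerException in the middle of an access check.
        if (sysUser != null && sysUser.getPermissions() != null) {
            info.addStringPermissions(sysUser.getPermissions());
        }
        return info;
    }

    /**
     * Loads the account for the submitted login name and returns what Shiro needs to verify
     * the credentials.
     *
     * <p>The password itself is not checked here; Shiro compares the submitted credentials with
     * the returned hash and salt using the configured credentials matcher.
     *
     * @param token the submitted authentication token; its principal is read as the login name
     * @return the user as principal together with the stored password hash and salt
     * @throws AccountException if the token carries no login name
     * @throws UnknownAccountException if no user exists for the login name
     * @throws LockedAccountException if the user's status marks the account as locked
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        // 1. Login name submitted with the token.
        String userLoginName = (String) token.getPrincipal();
        if (userLoginName == null) {
            throw new AccountException("Login name must not be null");
        }

        // 2. Look the account up in the user store.
        SysUser user = userService.queryUserByLoginName(userLoginName);
        if (user == null) {
            // Without this check an unknown login name would surface as a NullPointerException
            // instead of a Shiro authentication failure.
            throw new UnknownAccountException();
        }
        // Compare by value: the previous reference comparison (==) against the literal "1" is
        // false for a status string that is equal but a different object, e.g. one read from
        // the database, which lets locked accounts through.
        if (STATUS_LOCKED.equals(user.getStatus())) {
            // This is raised before the password is verified, so the distinct exception types
            // thrown here tell an unauthenticated caller whether an account exists or is
            // locked. The login endpoint should answer all of them with one generic message.
            throw new LockedAccountException();
        }

        // 3. Hand the stored hash and salt to Shiro for credential matching.
        // A disabled draft that expired other active sessions of the same user used to follow
        // this method body. It matched sessions by a substring of the principal's string form;
        // any re-introduction should compare the exact login name.
        return new SimpleAuthenticationInfo(
                user, user.getPassword(), ByteSource.Util.bytes(user.getSalt()), getName());
    }

    /**
     * Installs a {@link HashedCredentialsMatcher} configured from {@link ShiroUtils}.
     *
     * <p>The {@code credentialsMatcher} argument is ignored, so configuration cannot replace the
     * hashed matcher with a different one through this setter.
     *
     * <p>NOTE(review): the algorithm name and iteration count come from {@link ShiroUtils} and
     * are not visible here; confirm they are adequate for password storage. Also confirm that
     * this setter is actually invoked during realm setup, since the hashed matcher is only
     * installed when it is called.
     *
     * @param credentialsMatcher ignored
     */
    @Override
    public void setCredentialsMatcher(CredentialsMatcher credentialsMatcher) {
        HashedCredentialsMatcher shaCredentialsMatcher = new HashedCredentialsMatcher();
        shaCredentialsMatcher.setHashAlgorithmName(ShiroUtils.algorithmName);
        shaCredentialsMatcher.setHashIterations(ShiroUtils.hashIterations);
        super.setCredentialsMatcher(shaCredentialsMatcher);
    }
}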
